MySQL.com hacked again
MySQL.com is found serving malware after the second known hack on the website this year.


For the second time in a year, MySQL.com has been hacked and is serving malware.
Security firm Amorize found some highly obfuscated injected JavaScript on the website, noting that visitors would be hit by the BlackHole exploit kit.
"It exploits the visitor's browsing platform ... and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge," the company's co-founder Wayne Huang said in a blog post.
"The visitor doesn't need to click or agree to anything - simply visiting MySQL.com with a vulnerable browsing platform will result in an infection."
Huang said he was unsure who was behind the attack. Amorize was attempting to contact MySQL.com yesterday, but had not confirmed if the site had responded.
On the KrebsonSecurity blog, Brian Krebs claimed he had found evidence administrative access to MySQL.com was being sold in an "exclusive Russian hacker forum." The seller went by the name of sourcec0de.'
Worryingly for IT departments, using test site Virus Total, Huang showed only six out of 43 anti-virus engines could detect the malware being served by MySQL.com. When the company first blogged, only four were able to do so.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The video below shows how MySQL.com was serving malware:
MySQL.com was hacked in March 2011, ironically by an SQL injection attack.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.
-
What is polymorphic malware?
Explainer Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
250,000 stolen MySQL databases auctioned on the dark web
News Hackers are thought to have obtained 7TB of stolen data using the PLEASE_READ_ME ransomware campaign
-
Oracle issues 78 vulnerability patches
News Combined with Microsoft and Adobe patches, Oracle has made IT departments' lives a little harder this month.
-
Oracle quiet on MySQL.com hack claims
News Larry Ellison's firm neither confirms nor denies MySQL.com has been hacked again.
-
MySQL hit by irony attack
News MySQL.com gets hit by an SQL injection attack, and hackers leak some disconcertingly weak passwords onto the net.